Sounds like the small state table problem, where a regular session is
being clobbered by the new sessions (each file is a new TCP session in
FTP land). Since m0n0wall is stock tuned for tiny little "my lightbulb
consumes more power" routers, this is how it is.
The proof of this would exist in the logs. When the lockup occurs, do
you see multiple drops for TCP 21, or whatever port your FTP control
session is on?
FTP itself doesn't use UDP, so there is no issue there (though there
might be a trickle of UDP data involved, like DNS queries and maybe
backend authentication traffic like RADIUS)
Unfortunately, there aren't many ways of working around it at the time
being for 1.2 - state table size is supposedly a compile time variable.
I hope that we'll see some method of state table size entry method,
and perhaps a smarter overload algo in 1.3, where idle time is
considered for reaping before session age.
Christopher M. Iarocci wrote:
> No solution here, but thought I'd report the same exact problem with 2
> separate m0n0walls. One running 1.23 and the other running 1.3b2. One
> of mine is connected to a cable modem, the other is connected to a Cisco
> router that is connected to a 10MB fiber connection.
> Hans Mojave wrote:
>> Hi there,
>> (internal 1gbit switched / adsl2+ 16m/1m)
>> When i upload many small files to an external ftp server (e.g. typo3
>> installation and templates ~1800files) it happens that the ftp
>> connection is hanging. This happens round about every 200Files:
>> -> File is uploading... Upload speed decreases to 0, ftp connection is
>> i have to hard-terminate the tcp session. Reconnect and resume
>> uploading the next ~200files with fullspeed .
>> Its not a dsl-modem, ftp-server,dsl-connection or software problem.
>> Tested that with Dlink804hv routers, 3 Pcs running different ftp
>> software (windows tcp/syn connection limit was removed).
>> Downloading of many small files is no problem. Also uploading through
>> ssl tunnels for example is stable. Uploading big files is no problem
>> at all.
>> Is there an issue with the often changing data (udp) ports in
>> monowall, which is charateristc for ftp?
>> Sorry for bad englisch and best regards
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch